Both CMMI and ISO 9001 aim at improving process quality. The fundamental difference between CMMI vs ISO 9001 is conceptual. CMMI is a process model and ISO 9001 is an audit standard.
CMMI is a set of related "best practices" derived from industry leaders and relates to product engineering and software development. Businesses receive CMMI ratings from Level 1 to Level 5 depending upon the extent of compliance to key performance areas specified in the selected CMMI process area.
ISO 9001 is a certification tool that certifies businesses whose processes conform to the laid down standards. Implementing ISO 9001 doesn't mean that you are compliant with CMMI, although it can be a good foundation for implementing CMMI.
What is your advice on implementing an enterprise quality assurance framework, in a nut shell? Does it sound correct, if I propose that use ISO 9001:2015 as overarching quality assura nce framework, where apply ISO 27001 for its information security?